ISO/IEC 27008 2011 Standard

SKU: 3644
Publishers: ISO/IEC
Format: Hardcopy
Pages: 36
Published: 06 Oct 2011
Availability: In Stock
Format: PDF
Published: 06 Oct 2011
Availability: Immediate Download
Price: $310.00


ISO 27008 (ISO/IEC 27008) Information technology – Security techniques – Guidelines for auditors on information security controls

ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of information security controls within an organization. It supports the risk management process in ISO/IEC 27001 and the information security controls in ISO/IEC 27002.

This Standard is of particular use where information system controls are being technically checked for compliance with an organization's established information security standards.

ISO/IEC TR 27008:2011 is applicable to any type of organization, including public and private companies, government entities and not-for-profit organizations undertaking information security reviews and technical compliance checks.

Why buy this Standard?

Information security control reviews and technical compliance testing should be integral parts of any enterprise-wide information security program.

They will help an organization to:

  • Identify and understand the extent of potential problems or shortfalls in the organization's implementation and operation of information security controls, information security standards and, consequently, technical information security controls
  • Identify and understand the potential organizational impacts of inadequately mitigated information security threats and vulnerabilities
  • Prioritize information security risk mitigation activities
  • Confirm that previously identified or emergent information security weaknesses or deficiencies have been adequately addressed
  • Support budgetary decisions within the investment process and other management decisions relating to improvement of the organization's information security management

Please note: We supply, interchangeably, the British and other national or international adoptions of ISO/IEC 27008, which all contain exactly the same content.

Purchase and use of the PDF version of this product is subject to this EULA.
